Telecommunications and Internet converged Services and Protocols for Advanced Networking (TISPAN); Feasibility study on IPTV Security Architecture

DTR/TISPAN-07033-NGN-R3

General Information

Status
Published
Publication Date
01-Feb-2011
Technical Committee
Current Stage
12 - Completion
Due Date
16-Feb-2011
Completion Date
02-Feb-2011
Ref Project
Standard
tr_187013v030101p - Telecommunications and Internet converged Services and Protocols for Advanced Networking (TISPAN); Feasibility study on IPTV Security Architecture
English language
82 pages

Standards Content (Sample)


Technical Report
Telecommunications and Internet converged Services and
Protocols for Advanced Networking (TISPAN);
Feasibility study on IPTV Security Architecture

2 ETSI TR 187 013 V3.1.1 (2011-02)

Reference
DTR/TISPAN-07033-NGN-R3
Keywords
architecture, security
ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE

Tel.: +33 4 92 94 42 00  Fax: +33 4 93 65 47 16

Siret N° 348 623 562 00017 - NAF 742 C
Non-profit association registered at the
Sous-Préfecture de Grasse (06) N° 7803/88

Important notice
Individual copies of the present document can be downloaded from:
http://www.etsi.org
The present document may be made available in more than one electronic version or in print. In any case of existing or
perceived difference in contents between such versions, the reference version is the Portable Document Format (PDF).
In case of dispute, the reference shall be the printing on ETSI printers of the PDF version kept on a specific network drive
within ETSI Secretariat.
Users of the present document should be aware that the document may be subject to revision or change of status.
Information on the current status of this and other ETSI documents is available at
http://portal.etsi.org/tb/status/status.asp
If you find errors in the present document, please send your comment to one of the following services:
http://portal.etsi.org/chaircor/ETSI_support.asp
Copyright Notification
No part may be reproduced except as authorized by written permission.
The copyright and the foregoing restriction extend to reproduction in all media.

© European Telecommunications Standards Institute 2011.
All rights reserved.
DECT™, PLUGTESTS™, UMTS™, TIPHON™, the TIPHON logo and the ETSI logo are Trade Marks of ETSI registered
for the benefit of its Members.
3GPP™ is a Trade Mark of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners.
LTE™ is a Trade Mark of ETSI currently being registered
for the benefit of its Members and of the 3GPP Organizational Partners.
GSM® and the GSM logo are Trade Marks registered and owned by the GSM Association.
Contents
Intellectual Property Rights . 6
Foreword . 6
1 Scope . 7
2 References . 7
2.1 Normative references . 7
2.2 Informative references . 7
3 Definitions and abbreviations . 9
3.1 Definitions . 9
3.2 Abbreviations . 10
4 Security Requirements on IPTV Content and Service Protection . 12
5 Identification and authentication in IPTV . 13
6 Generic stage 2 model for IPTV service protection . 14
6.1 Overview of model . 14
6.2 Detailed model description . 16
6.2.1 URK generation and delivery . 16
6.2.2 SEK generation and delivery . 17
6.2.3 TEK generation and delivery . 17
7 Candidate Key Hierarchies for Service Protection . 18
7.1 4-Layers Key Hierarchy . 18
7.1.1 Bootstrapping Layer . 19
7.1.2 Key Management Layer . 19
7.1.3 Key Stream Layer . 19
7.1.4 Traffic Protection Layer . 19
7.2 3-Layers Key Hierarchy . 19
7.2.1 Bootstrapping Layer . 20
7.2.2 Key Stream Layer . 20
7.2.3 Traffic Protection Layer . 20
8 Candidate Security Models for Service Protection . 20
8.1 Mapping of 4-Layers Key Hierarchy to Security Model . 20
8.2 Mapping of 3-Layers Key Hierarchy to Security Model . 21
9 Candidate Solutions for Service Protection . 22
9.1 Service Protection Solution One . 22
9.1.1 Functional Architecture Overview . 23
9.1.2 Reference Points . 23
9.1.2.1 KMF - UE (Kx) . 23
9.1.2.2 KMF - CEF (Ky) . 23
9.1.2.3 CEF - MDF (Kz) . 23
9.1.3 Solution Description . 24
9.1.3.1 Procedures for service protection deployment . 24
9.1.3.2 Procedures for key providing . 25
9.2 OMA BCAST 1.0 as candidate solution . 26
9.2.1 OMA BCAST Functional Architecture and TISPAN IPTV . 27
9.2.2 OMA BCAST Service and Content Protection . 31
9.2.2A OMA BCAST Smart Card Profile adaptation to MPEG-2 TS . 35
9.2.3 OMA BCAST DRM-Profile as a candidate solution . 38
9.2.3.1 Functional Architecture Overview . 39
9.3 Service Protection using DVB Simulcrypt approach . 41
9.3.1 Functional Architecture Overview . 42
9.3.2 Solution Description . 42
9.4 MBMS as candidate solution for IPTV Service Protection . 42
9.4.1 Summary of MBMS as candidate solution . 44
9.5 User Authentication and Service Authorization and any Content Protection (UA, SA and any CP) as candidate solution . 46
9.5.1 Open IPTV Authentication, Content and Service Protection Specification . 46
9.5.2 OIPF SAA and CSP solutions integration into TISPAN NGN . 48
10 Gap Analysis and Selection of Possible Solutions for Service Protection . 50
10.1 TISPAN IPTV Security Requirements . 50
10.1.1 Common IPTV Security Requirements . 50
10.1.2 IPTV Service Protection Requirements . 53
10.1.3 Non-IMS-based IPTV Security Requirements . 54
10.1.4 Availability and DoS Protection Requirements . 55
10.1.5 Other Assessment Requirements . 55
10.1.5.1 Ability to address legacy IPTV head end and interworking to deployed equipment . 55
10.1.5.2 OMA BCAST solution . 55
10.1.5.3 UA, SA and any CP . 56
10.2 Comparisons between OMA BCAST Smartcard Profile and MBMS solutions . 56
10.3 Pros and Cons considering DRM and SmartCard Profile . 57
11 Coexistence and Interoperability Analysis . 59
11.1 Coexistence of pre-existing non-TISPAN IPTV protection solutions . 59
11.1.1 DVB Simulcrypt . 59
11.1.2 OMA BCAST . 59
11.1.3 UA SA and any CP . 59
11.2 Interoperability of service protection with content protection . 59
11.2.1 MPEG-2 Transport Stream Protection . 59
11.2.2 OMA BCAST . 59
11.3 Service Protection Model reusing UPSF/PDBF, BSF and NAFs . 60
12 Recommendations . 62
12.1 OMA BCAST . 62
12.2 UA SA and any CP . 62
Annex A (informative): Service Protection using MBMS Approach . 63
A.1 Introduction . 63
A.2 Key Architecture . 63
A.2.1 Four-layered key management system . 63
A.2.2 Root Key and the Layer 1 subscriber management key . 64
A.2.3 Key architecture within ETSI-TISPAN Security architecture . 65
A.3 MBMS-Architecture . 66
A.3.1 MBMS and GBA . 66
A.3.1.1 Bootstrapping server function (BSF) . 66
A.3.1.2 Network application function (NAF) . 67
A.3.1.3 Home Subscriber Server (HSS) . 67
A.3.1.4 UE . 67
A.3.1.5 Bootstrapping architecture and reference points . 67
A.3.1.5.1 Reference point Ub . 67
A.3.1.5.2 Reference point Ua . 68
A.3.2 BM-SC as NAF . 68
A.3.3 BM-SC Network Components . 68
A.3.3.1 Membership function . 69
A.3.3.2 Session and transmission function . 69
A.3.3.3 Proxy and Transport Function . 70
A.3.3.4 Service Announcement Function . 70
A.3.3.5 MBMS Security Function . 70
A.3.3.6 Protocol stack used by MBMS User Services . 70
A.4 Service protection of TISPAN IMS-based IPTV using MBMS . 71
A.4.1 Using MBMS security function for IMS-based IPTV-Service Protection . 71
A.4.1.1 MBMS and BM-SC scope . 71
A.4.1.2 Functional entities in BM-SC and their matching to ETSI TISPAN . 72
A.4.1.2.1 Key Management Function . 73
A.4.1.2.2 Session and Transmission Function . 73
A.4.2 Using MBMS as IPTV R3 Protection Mechanism . 74
A.4.2.1 General Overview . 74
A.4.2.2 Service Protection Processes for ETSI TISPAN IMS-based IPTV R3 described in detail . 75
A.5 GBA and ETSI TISPAN NGN Architecture . 79
History . 82

Intellectual Property Rights
IPRs essential or potentially essential to the present document may have been declared to ETSI. The information
pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found
in ETSI SR 000 314: "Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in
respect of ETSI standards", which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web
server (http://webapp.etsi.org/IPR/home.asp).
Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee
can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web
server) which are, or may be, or may become, essential to the present document.
Foreword
This Technical Report (TR) has been produced by ETSI Technical Committee Telecommunications and Internet
converged Services and Protocols for Advanced Networking (TISPAN).
1 Scope
The present document presents the results of a study of options for the IPTV security architecture supporting TISPAN
NGN Release 3 that satisfies the security requirements for IPTV given in TS 187 001 [i.1].
The present document offers the results of an analysis of the options for a security architecture and mechanisms to provide
IPTV service protection, where service protection refers to the protection offered during the period when IPTV media is
transmitted in the NGN. A security architecture for a general content protection framework that allows comparison of
existing content protection solutions (e.g. DRM systems) is required for the NGN, but is not covered by the present
document. Content protection includes the provision of post-delivery protection of IPTV media and may include
controls to ensure that the user can only use the content in accordance with the license it has been granted, e.g. the times
at which the content can be viewed.
NOTE: The functional architecture for IMS-based IPTV without security entities conforms to TS 182 027 [i.5].
The functional architecture for the dedicated IPTV subsystem without security entities conforms to
TS 182 028 [i.6].
2 References
References are either specific (identified by date of publication and/or edition number or version number) or
non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the
reference document (including any amendments) applies.
Referenced documents which are not found to be publicly available in the expected location might be found at
http://docbox.etsi.org/Reference.
NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee
their long term validity.
2.1 Normative references
The following referenced documents are necessary for the application of the present document.
Not applicable.
2.2 Informative references
The following referenced documents are not necessary for the application of the present document but they assist the
user with regard to a particular subject area.
[i.1] ETSI TS 187 001: "Telecommunications and Internet Converged Services and Protocols for
Advanced Networking (TISPAN); NGN SECurity (SEC); Requirements".
[i.2] Void.
[i.3] ETSI TS 181 016: "Telecommunications and Internet converged Services and Protocols for
Advanced Networking (TISPAN); Service Layer Requirements to integrate NGN Services and
IPTV".
[i.4] ETSI TS 187 003: "Telecommunications and Internet converged Services and Protocols for
Advanced Networking (TISPAN); NGN Security; Security Architecture".
[i.5] ETSI TS 182 027: "Telecommunications and Internet converged Services and Protocols for
Advanced Networking (TISPAN); IPTV Architecture; IPTV functions supported by the IMS
subsystem".
[i.6] ETSI TS 182 028: "Telecommunications and Internet converged Services and Protocols for
Advanced Networking (TISPAN); NGN integrated IPTV subsystem Architecture".
[i.7] ETSI TS 183 063: "Telecommunications and Internet converged Services and Protocols for
Advanced Networking (TISPAN); IMS-based IPTV stage 3 specification".
[i.8] OMA-TS-BCAST-SvcCntProtection - v1-0: "Service and Content Protection for Mobile Broadcast
Services", version 1.0, Open Mobile Alliance.
[i.9] ETSI TS 103 197: "Digital Video Broadcasting (DVB); Head-end implementation of DVB
SimulCrypt".
[i.10] ETSI TS 133 246: "Security of Multimedia Broadcast/Multicast Service (MBMS) Release 8".
[i.11] ETSI TS 133 220: "Digital cellular telecommunications system (Phase 2+); Universal Mobile
Telecommunications System (UMTS); LTE; Generic Authentication Architecture (GAA); Generic
bootstrapping architecture (3GPP TS 33.220 Release 8)".
[i.12] ETSI TS 123 246: "Universal Mobile Telecommunications System (UMTS); LTE; Multimedia
Broadcast/Multicast Service (MBMS); Architecture and functional description (3GPP TS 23.246
Release 8)".
[i.13] ETSI TS 126 237: "Universal Mobile Telecommunications System (UMTS); LTE; IP Multimedia
Subsystem (IMS) based Packet Switch Streaming (PSS) and Multimedia Broadcast/Multicast
Service (MBMS) User Service; Protocols (3GPP TS 26.237 Release 8)".
[i.14] OMA-AD-BCAST-v1-0: "Mobile Broadcast Services Architecture", Open Mobile Alliance.
[i.15] OIPF Release 1 Specification "Authentication, Content Protection and Service Protection", V1.1,
2009-10-08 (volume 7).
[i.16] Marlin Developer Community: "Marlin Broadband Transport Stream Specification",
Version 1.0.1, July 2008.
[i.17] Marlin Developer Community: "Marlin - Broadband Network Service Profile Specification",
Version 1.0, July 2008.
[i.18] Marlin Developer Community: "Marlin - Core System Specification", Version 1.3, latest Marlin
Errata: Marlin Core System v1.3.
[i.19] Marlin Developer Community: "Marlin - File Formats Specification", Version 1.1, and latest
version of "Marlin Errata: Marlin - File Formats Specification V1.1".
[i.20] Marlin Developer Community: "OMArlin Specification", Version 1.0.1, July 2008.
[i.21] OASIS: "Assertions and Protocols for the OASIS Security Markup Language (SAML) V2.0".
[i.22] OASIS: "Profiles for the OASIS Security Assertion Markup Language (SAML) V2.0".
[i.23] IETF RFC 2617: "HTTP Authentication: Basic and Digest Access Authentication".
[i.24] IEC 62455: "Internet protocol (IP) and transport stream (TS) based service access".
[i.25] ISO/IEC 13818-1:2000/Amd.3:2004: "Generic coding of moving pictures and associated audio
information: Systems".
[i.26] ISO/IEC 15408-2: "Information technology - Security techniques - Evaluation criteria for IT
security - Part 2: Security functional requirements".
[i.27] ITU-T Recommendation I.130: "Method for the characterization of telecommunication services
supported by an ISDN and network capabilities of an ISDN".
[i.28] Making better standards.
NOTE: See http://portal.etsi.org/mbs/.
[i.29] ETSI TS 102 484: "Smart Cards; Secure channel between a UICC and an end-point terminal".
[i.30] ETSI TS 133 110: "Universal Mobile Telecommunications System (UMTS); LTE; Key
establishment between a UICC and a terminal (3GPP TS 33.110)".
[i.31] ETSI TS 133 221: "Digital cellular telecommunications system (Phase 2+); Universal Mobile
Telecommunications System (UMTS); LTE; Generic Authentication Architecture (GAA); Support
for subscriber certificates (3GPP TS 33.221)".
[i.32] IETF RFC 3310: "HTTP Digest Authentication Using AKA".
[i.33] ETSI TS 133 102: "Universal Mobile Telecommunications System (UMTS); LTE; 3G security;
Security architecture (3GPP TS 33.102)".
[i.34] ETSI TS 131 103: "Digital cellular telecommunications system (Phase 2+); Universal Mobile
Telecommunications System (UMTS); Characteristics of the IP Multimedia Services Identity
Module (ISIM) application (3GPP TS 31.103)".
[i.35] ETSI TS 126 346: "Universal Mobile Telecommunications System (UMTS); LTE; Multimedia
Broadcast/Multicast Service (MBMS); Protocols and codecs (3GPP TS 26.346)".
[i.36] IETF RFC 3711: "The Secure Real-time Transport Protocol (SRTP)".
[i.37] ETSI TS 124 109: "Universal Mobile Telecommunications System (UMTS); LTE; Bootstrapping
interface (Ub) and network application function interface (Ua); Protocol details
(3GPP TS 24.109)".
[i.38] IETF RFC 3830: "MIKEY: Multimedia Internet KEYing".
[i.39] ETSI TS 184 002: "Telecommunications and Internet converged Services and Protocols for
Advanced Networking (TISPAN); Identifiers (IDs) for NGN".
[i.40] ETSI TS 184 009: "Telecommunications and Internet converged Services and Protocols for
Advanced Networking (TISPAN); Rules covering the use of TV URIs for the Identification of
Television Channels".
[i.41] ETSI TS 133 203 (V9.4.0): "Digital cellular telecommunications system (Phase 2+); Universal
Mobile Telecommunications System (UMTS); LTE; 3G security; Access security for IP-based
services (3GPP TS 33.203 version 9.4.0 Release 9)".
[i.42] ETSI TS 102 474: "Digital Video Broadcasting (DVB); IP Datacast over DVB-H: Service
Purchase and Protection".
[i.43] ETSI ETR 289: "Digital Video Broadcasting (DVB); Support for use of scrambling and
Conditional Access (CA) within digital broadcasting systems".
[i.44] DVB bluebook A125: "Digital Video Broadcasting (DVB); Support for use of DVB Scrambling
Algorithm version 3 within digital broadcast systems, DVB Document A125", July 2008.
3 Definitions and abbreviations
3.1 Definitions
For the purposes of the present document, the following terms and definitions apply:
content protection: protection of content or content assets during their entire lifetime
NOTE: The content provider defines the lifetime for which the protection is required.
Content Provider (CP): entity that owns or is licensed to sell content or content assets
license: data package which represents the Rights granted to a specific user and the key related to the protected Content
rights: pre-defined set of usage entitlements to the content. The entitlements may include permissions (e.g. to
view/hear, copy, modify, record, distribute, etc.), constraints (e.g. play/view/hear multiple times or hours), etc.
service protection: protection of content (e.g. files or streams) and service information during delivery, which may
include content that is already protected and metadata that the service provider adds to the content
NOTE: The service may be composed of the content to be transferred and other data and service components.
Service protection addresses protecting this composition while in transit and regulates authorized access
to the service. Additionally it addresses ensuring the service availability, as defined in the service level
agreements.
3.2 Abbreviations
For the purposes of the present document, the following abbreviations apply:
AES Advanced Encryption Standard
AKA Authentication and Key Agreement
AU Access Unit
AV Authentication Vector
BC BroadCast
BCAST BROADCAST
BCRO Broadcast Rights Object
BDS Broadcast Distribution Service
BSD/A BCAST Service Distribution/Application
BSF Bootstrapping Server Function
BSM BCAST Subscription Management
CA Certificate Authority
CA Conditional Access
CAS Conditional Access System
CEF Content Encryption Function
CND Customer Network Device
CNG Customer Network Gateway
CoD Content on Demand
CP Content Provider
CSA Common Scrambling Algorithm
CSP Communication Service Provider
CSPG Communication Service Provider Group
DRM Digital Rights Management
DTCP-IP Digital Transmission Content Protection-IP
DVB Digital Video Broadcasting
ECM Entitlement Control Message
FA File Application Component
FD File Delivery Component
FFS For Further Study
FMC-IPTV Fixed Mobile Convergence-IP Television
GBA Generic Bootstrapping Architecture
HSS Home Subscriber Server
ID IDentifier
IMPI IP Multimedia Private Identity
IMS IP Multimedia Subsystem
IPSEC Internet Protocol SECure transmission
IPTV IP Television
ISIM IP Multimedia Services Identity Module
KMF Key Management Function
LTKM Long Term Key Message
MBMS Multimedia Broadcast/Multicast Service
MCF Media Control Function
MDF Media Delivery Function
MF Media Function
MNO Mobile Network Operator
MSK MBMS Service Key
MTK MBMS Transport Key
MUK MBMS User Key
NAF Network Application Function
NASS Network Access SubSystem
NBA NASS Bundled Authentication
NGN Next Generation Network
OIPF Open IPTV Forum
OITF Open IPTV Terminal Function
OMA Open Mobile Alliance
PC Personal Computer
PEK Programme Encryption Key
PID Packet Identifier
PMT Programme Map Table
QoS Quality of Service
REK Rights Encryption Key
ROAP Rights Object Acquisition Protocol
RTCP Real-time Transport Control Protocol
RTP Real-time Transport Protocol
SA Service Authorization
SAA Standard Authentication Algorithm
SAML Security Assertion Markup Language
SCF Service Control Function
SCP SmartCard Profile
S-CSCF Serving Call Session Control Function
SDF Service Discovery Function
SDP Session Description Protocol
SEK Service Encryption Key
SG Service Guide
SKMF Service Key Management Function
SLF Subscription Locator Function
SMF Secure Management Function
SP Service Protection
SP-E Service Protection Encryption component
SPF Service Provider Function
SP-KD Service Protection Key Distribution Component
SP-M Service Protection Management Component
SRTP Secure Real-time Transport Protocol
SSEK Sealed Service Encryption Key
SSF Service Selection Function
SSO Single Sign On
STB Set-Top Box
STKM Short Term Key Message
TEK Traffic Encryption Key
TLS Transport Layer Security
TMPI Temporary IP Multimedia Private Identity
TS Transport Stream
UA User Authentication
UDP User Datagram Protocol
UE User Equipment
UICC Universal Integrated Circuit Card
UPSF User Profile Server Function
URK User Root Key
USIM Universal Subscriber Identity Module
4 Security Requirements on IPTV Content and Service Protection
The security requirements for IPTV are defined in clause 4.13 of TS 187 001 [i.1] and captured in table 4.1,
classified by the class of countermeasure required to satisfy each requirement.
Table 4.1: IPTV security requirements and countermeasure class implied
Req-Id | Requirement statement | Countermeasure class
R-IPTV-C-1 | The NGN IPTV service allows several kinds of users, named groups of users, entities acting on behalf of users and entities acting on behalf of named groups of users. | Identification
R-IPTV-C-2 | The NGN IPTV service assigns unique and non-forgeable user identities to users. | Identification
R-IPTV-C-3 | The NGN IPTV service allows several (number to be decided) users to be associated with one subscription. | Identification
R-IPTV-C-4 | The NGN IPTV service uniquely authenticates all users to the IPTV service using unique and non-forgeable authentication credentials on a subscription basis. | Authentication
R-IPTV-C-5 | The NGN IPTV service uniquely authorizes all users to the IPTV service on a subscription basis. | Authorisation
R-IPTV-C-6 | The NGN IPTV service assigns unique and non-forgeable identities to all subscribers and named groups of subscribers. | Identification
R-IPTV-C-7 | The NGN IPTV service uniquely authenticates all subscribers and named groups of subscribers to the IPTV service using unique authentication credentials. | Authentication
R-IPTV-C-8 | The NGN IPTV service uniquely authorizes all subscribers and named groups of subscribers to the IPTV service. | Authorisation
R-IPTV-C-9 | The NGN IPTV service assigns unique and non-forgeable identities to all user devices. | Identification
R-IPTV-C-10 | The NGN IPTV service uniquely authorizes all devices to the IPTV service. | Authorisation
R-IPTV-C-11 | The NGN IPTV service assigns unique and non-forgeable identities to all IPTV sessions that are verifiable to users and devices. | Identification
R-IPTV-C-12 | The NGN IPTV service assigns unique and non-forgeable identities to all IPTV service providers that are verifiable to users. | Identification
R-IPTV-C-13 | The NGN IPTV service provides a mechanism to authenticate and authorize the RTSP control messages from users. | Authorisation
R-IPTV-C-14 | The NGN IPTV service assigns unique and non-forgeable identities to all IPTV content that are verifiable for users. | Identification
R-IPTV-CN-1 | The NGN IPTV service protection functions support distribution of access keys coming from the network according to the corresponding rights. | Key Management
R-IPTV-CN-2 | The NGN IPTV service protection functions support means to protect the service-associated keys against unauthorized access, and ensure their integrity and confidentiality. | Key Management
R-IPTV-CN-3 | The NGN IPTV service protection functions are able to authenticate and ensure the integrity and confidentiality of communication between the service and the user. | Authentication
R-IPTV-CN-4 | The NGN IPTV service protection functions provide a means for protecting time-restricted services (e.g. subscription and pay-per-view). | Authorisation
R-IPTV-CN-5 | The NGN IPTV service protection functions provide an open framework allowing the operator to choose one or more protection solutions. | Availability
R-IPTV-CN-6 | The NGN IPTV service protection functions applied on a service providing access to IPTV content do not impose any constraint on the way the content is protected. | Availability
R-IPTV-CN-7 | The NGN IPTV service protection functions applied on a service providing access to IPTV content interoperate with Content Protection solutions. | Availability
R-IPTV-CP-1 | The NGN IPTV content protection authenticates and authorizes the origin of all IPTV content to the receiving users. | Authorisation
R-IPTV-CP-2 | The NGN IPTV content protection verifies the authenticity of the origin of all IPTV content to the receiving users. | Authentication
R-IPTV-CP-3 | The NGN IPTV content protection provides end-to-end content confidentiality protection within regulatory constraints. | Confidentiality
R-IPTV-CP-4 | The NGN IPTV service provides end-to-end content integrity protection for an IPTV session. | Integrity
R-IPTV-CP-5 | The NGN IPTV service controls and restricts content on a content metadata basis for users. | Identification
R-IPTV-CP-6 | The NGN IPTV service and content protection functions provide the means for retrieving related rights and/or keys for chosen protected content items. | Key Management
R-IPTV-CP-7 | The NGN IPTV service has a measure to restrict unauthorized usage of content (viewing, re-viewing, copying, etc.) for users. | Authorisation
R-IPTV-CP-8 | The NGN IPTV service has a measure to restrict unauthorized distribution of content for users. | Authorisation
R-IPTV-CP-9 | The NGN IPTV content protection functions provide a means for protecting time-restricted content usage. | Integrity
R-IPTV-CP-10 | The NGN IPTV content protection functions provide an open framework allowing the operator to choose one or more protection solutions. | Availability
R-IPTV-NIMS-1 | The NGN IPTV service for each IPTV session uniquely links devices, users, named groups of users, entities acting on behalf of users to an IPTV session. | Identification
R-IPTV-NIMS-2 | The NGN IPTV service for each combined IPTV session uniquely links devices, users to an IPTV session. | Identification
R-IPTV-NIMS-3 | The NGN IPTV service assigns unique identities to critical IPTV service logics on the devices that are verifiable for users. | Identification
R-IPTV-NIMS-4 | The NGN IPTV service assigns non-forgeable identities to critical IPTV service logics on the devices that are verifiable for users. | Identification
R-IPTV-NIMS-5 | The NGN IPTV service authenticates and authorizes critical IPTV service logics on the devices to the receiving user. | Authorisation
R-IPTV-NIMS-6 | The NGN IPTV service verifies the authenticity of critical IPTV service logics on the devices to the receiving users. | Authentication
R-IPTV-NIMS-7 | Refinement of DSF9: The NGN IPTV service uniquely authenticates all subscribers and named groups of subscribers when accessing private or sensitive information using unique authentication credentials. | Authentication
R-IPTV-NIMS-8 | Refinement of DSF10: The NGN IPTV service uniquely authorizes all subscribers and named groups of subscribers when accessing private or sensitive information. | Authorisation
R-IPTV-NIMS-9 | The NGN IPTV service provides end-to-end encryption of private or sensitive information on an IPTV session basis. | Confidentiality
R-IPTV-AD-1 | The NGN IPTV service is accessible to the authorized users, subscribers and devices according to the requirements of the IPTV service regarding timeliness and quality. | Availability
R-IPTV-AD-2 | The NGN IPTV service has measures to prevent DoS attacks posed upon the IPTV service to ensure fulfilment of the requirements of the IPTV service regarding timeliness and quality. | Availability
R-IPTV-AD-3 | The NGN IPTV service has measures to detect and act upon all DoS attacks posed upon the IPTV service (note that act might mean inform e.g. the system administrator of the event) to ensure fulfilment of the requirements of the IPTV service regarding timeliness and quality. | Availability

5 Identification and authentication in IPTV
Many of the IPTV requirements call for unique identification of the IPTV user, or of the IPTV Service, with the
assignments made by the IPTV Service (see table 5.1).
TS 184 002 [i.39] identifies public and private identifiers for NGN subscribers in the NGN as being in the form of
either a SIP URI or a tel-URI maintained in either the UPSF or the S-CSCF (which entity holds the identity depends on
the nature of the access to the NGN). In addition, TS 184 009 [i.40] identifies the use of the tv:URI to uniquely identify
television broadcasts. These mechanisms do not fully comply with the requirements stated for IPTV identification in
TS 187 001 [i.1].
Security requirements R-IPTV-NIMS-1/2/3 identify a need to link users, devices and user-agents for each IPTV session,
whereas TS 184 009 [i.40] only defines identities for broadcasters and not for sessions. A number of views can be taken
that may allow this requirement to be met by building on IMS and NGN-R3 capabilities. If registration requires explicit
notification of service invocation (such as when using the MBMS capabilities), and where media is protected using
service protection, the key management audit trail may be used to satisfy these criteria, with the root identity of the user
and device being visible in IMS and NASS.
Where authentication and authorisation services are required there is an implicit understanding of a security association
for these services between the IPTV user and the IPTV service provider. This security association needs to be made
explicit. Where the service is provided to a group of users it is strongly recommended that the activities of each member
of the group are kept private from the other members, i.e. the IPTV service should implement an Unlinkability
service as defined in ISO/IEC 15408-2 [i.26].
Table 5.1: IPTV security requirements where identification is an explicit requirement
Req-Id | Requirement statement | Countermeasure class
R-IPTV-C-1 | The NGN IPTV service allows several kinds of users, named groups of users, entities acting on behalf of users and entities acting on behalf of named groups of users. | Identification
R-IPTV-C-2 | The NGN IPTV service assigns unique and non-forgeable user identities to users. | Identification
R-IPTV-C-3 | The NGN IPTV service allows several (number to be decided) users to be associated with one subscription. | Identification
R-IPTV-C-6 | The NGN IPTV service assigns unique and non-forgeable identities to all subscribers and named groups of subscribers. | Identification
R-IPTV-C-9 | The NGN IPTV service assigns unique and non-forgeable identities to all user devices. | Identification
R-IPTV-C-11 | The NGN IPTV service assigns unique and non-forgeable identities to all IPTV sessions that are verifiable to users and devices. | Identification
R-IPTV-C-12 | The NGN IPTV service assigns unique and non-forgeable identities to all IPTV service providers that are verifiable to users. | Identification
R-IPTV-C-14 | The NGN IPTV service assigns unique and non-forgeable identities to all IPTV content that are verifiable for users. | Identification
R-IPTV
...
